742 matches found
OESA-2026-1101 libsodium security update
Sodium is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable6, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Security Fixes: libsodium...
OESA-2026-1097 libsodium security update
Sodium is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable6, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Security Fixes: libsodium...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-004804)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004804 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced ...
Improper Access Control
allauth-django is vulnerable to improper access control. The vulnerability is due to previously issued access and refresh tokens remaining valid even after a user account is marked as isactive=False, which allows an attacker to continue authenticating and accessing protected resources using those...
kernel: Bluetooth: MGMT: Fix possible UAFs
A flaw was found in the Linux kernel’s Bluetooth management subsystem net/bluetooth/mgmt.c. The mgmtpending structure may be freed while still being processed, or remain on the pending command list, which allows a use-after-free or double-free scenario. An attacker with local access to the system...
Fedora 42 : libsodium (2026-b7217393db)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7217393db advisory. Version 1.0.21 This point release includes all the changes from 1.0.20-stable, which include a security fix for the cryptocoreed25519isvalidpoint function, a...
Updated sodium packages fix security vulnerability
Libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. CVE-2025-69277...
CVE-2020-10581
Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management ADM through 5.0 allow remote attackers to read potentially sensitive data hosted by the application...
CVE-2024-34024
Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not...
Ubuntu: Security Advisory (USN-7949-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7949-1 libsodium vulnerability
It was discovered that Sodium incorrectly handled the elliptic curve point validity check in certain atypical use cases. This could result in invalid points being used, contrary to expectations...
USN-7949-1: Sodium vulnerability
It was discovered that Sodium incorrectly handled the elliptic curve point validity check in certain atypical use cases. This could result in invalid points being used, contrary to expectations...
CVE-2025-69197
Pterodactyl Panel (versions
CVE-2025-69197 Pterodactyl TOTPs can be reused during validity window
Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below allow TOTP to be used multiple times during its validity window. Users with 2FA enabled are prompted to enter a token during sign-in, and afterward it is not sufficiently marked as used in the system. This...
CVE-2025-69197 Pterodactyl TOTPs can be reused during validity window
Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below allow TOTP to be used multiple times during its validity window. Users with 2FA enabled are prompted to enter a token during sign-in, and afterward it is not sufficiently marked as used in the system. This...
CVE-2025-15444 Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium
Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium libsodium = 1.0.20 or a version of libsodium released before December 30, 2025 contains a vulnerability documented as CVE-2025-69277 https://vulners.com/cve/CVE-2025-69277 . The libsodium...
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
...
SUSE CVE-2025-69277
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...
PT-2026-27699
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where interrupt urb messages of incorrect length are not properly handled. Specifically, the code does not correctly detect and reject short interrupt...
GHSA-MRFV-M5WM-5W6W libsodium has Incomplete List of Disallowed Inputs
libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. This advisoory...